You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by co...@apache.org on 2009/04/20 15:56:38 UTC
svn commit: r766696 [22/36] - in /webservices/wss4j/site: ./ apidocs/
apidocs/org/apache/ws/axis/security/
apidocs/org/apache/ws/axis/security/class-use/
apidocs/org/apache/ws/axis/security/handler/
apidocs/org/apache/ws/axis/security/handler/class-use...
Modified: webservices/wss4j/site/xref/org/apache/ws/security/handler/WSHandlerConstants.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/handler/WSHandlerConstants.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/handler/WSHandlerConstants.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/handler/WSHandlerConstants.html Mon Apr 20 13:56:25 2009
@@ -519,253 +519,268 @@
<a name="509" href="#509">509</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_KEY_ID = <span class="jxr_string">"signatureKeyIdentifier"</span>;
<a name="510" href="#510">510</a>
<a name="511" href="#511">511</a> <em class="jxr_javadoccomment">/**</em>
-<a name="512" href="#512">512</a> <em class="jxr_javadoccomment"> * Defines which signature algorithm to use. Currently this</em>
-<a name="513" href="#513">513</a> <em class="jxr_javadoccomment"> * parameter is ignored - SHA1RSA is the only supported algorithm,</em>
-<a name="514" href="#514">514</a> <em class="jxr_javadoccomment"> * will be enhanced soon.</em>
-<a name="515" href="#515">515</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="516" href="#516">516</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
-<a name="517" href="#517">517</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="518" href="#518">518</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.SIG_ALGO, "SHA1RSA");</em>
-<a name="519" href="#519">519</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="520" href="#520">520</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
-<a name="521" href="#521">521</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
-<a name="522" href="#522">522</a> <em class="jxr_javadoccomment"> */</em>
-<a name="523" href="#523">523</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_ALGO = <span class="jxr_string">"signatureAlgorithm"</span>;
-<a name="524" href="#524">524</a>
-<a name="525" href="#525">525</a> <em class="jxr_javadoccomment">/**</em>
-<a name="526" href="#526">526</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be signed.</em>
-<a name="527" href="#527">527</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="528" href="#528">528</a> <em class="jxr_javadoccomment"> * Refer to {@link #ENCRYPTION_PARTS} for a detailed description of</em>
-<a name="529" href="#529">529</a> <em class="jxr_javadoccomment"> * the format of the value string.</em>
-<a name="530" href="#530">530</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="531" href="#531">531</a> <em class="jxr_javadoccomment"> * If this parameter is not specified the handler signs the SOAP Body</em>
-<a name="532" href="#532">532</a> <em class="jxr_javadoccomment"> * by default.</em>
-<a name="533" href="#533">533</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="534" href="#534">534</a> <em class="jxr_javadoccomment"> * The WS Security specifications define several formats to transfer the</em>
-<a name="535" href="#535">535</a> <em class="jxr_javadoccomment"> * signature tokens (certificates) or references to these tokens.</em>
-<a name="536" href="#536">536</a> <em class="jxr_javadoccomment"> * Thus, the plain element name <code>Token</code></em>
-<a name="537" href="#537">537</a> <em class="jxr_javadoccomment"> * signs the token and takes care of the different format.</em>
-<a name="538" href="#538">538</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="539" href="#539">539</a> <em class="jxr_javadoccomment"> * To sign the SOAP body <b>and</b> the signature token the value of this</em>
-<a name="540" href="#540">540</a> <em class="jxr_javadoccomment"> * parameter must contain:</em>
-<a name="541" href="#541">541</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="542" href="#542">542</a> <em class="jxr_javadoccomment"> * &lt;parameter name="signatureParts"</em>
-<a name="543" href="#543">543</a> <em class="jxr_javadoccomment"> * value="{}{<a href="http://schemas.xmlsoap.org/soap/envelope/" target="alexandria_uri">http://schemas.xmlsoap.org/soap/envelope/</a>}Body; Token" /></em>
-<a name="544" href="#544">544</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="545" href="#545">545</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em>
-<a name="546" href="#546">546</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em>
-<a name="547" href="#547">547</a> <em class="jxr_javadoccomment"> * string)</em>
+<a name="512" href="#512">512</a> <em class="jxr_javadoccomment"> * Defines which signature algorithm to use.</em>
+<a name="513" href="#513">513</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="514" href="#514">514</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="515" href="#515">515</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="516" href="#516">516</a> <em class="jxr_javadoccomment"> * call.setProperty(</em>
+<a name="517" href="#517">517</a> <em class="jxr_javadoccomment"> * WSHandlerConstants.SIG_ALGO, </em>
+<a name="518" href="#518">518</a> <em class="jxr_javadoccomment"> * "<a href="http://www.w3.org/2001/04/xmldsig-more" target="alexandria_uri">http://www.w3.org/2001/04/xmldsig-more</a>#rsa-sha256"</em>
+<a name="519" href="#519">519</a> <em class="jxr_javadoccomment"> * );</em>
+<a name="520" href="#520">520</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="521" href="#521">521</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="522" href="#522">522</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="523" href="#523">523</a> <em class="jxr_javadoccomment"> */</em>
+<a name="524" href="#524">524</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_ALGO = <span class="jxr_string">"signatureAlgorithm"</span>;
+<a name="525" href="#525">525</a>
+<a name="526" href="#526">526</a> <em class="jxr_javadoccomment">/**</em>
+<a name="527" href="#527">527</a> <em class="jxr_javadoccomment"> * Defines which signature digest algorithm to use. </em>
+<a name="528" href="#528">528</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="529" href="#529">529</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="530" href="#530">530</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="531" href="#531">531</a> <em class="jxr_javadoccomment"> * call.setProperty(</em>
+<a name="532" href="#532">532</a> <em class="jxr_javadoccomment"> * WSHandlerConstants.SIG_DIGEST_ALGO, "<a href="http://www.w3.org/2001/04/xmlenc" target="alexandria_uri">http://www.w3.org/2001/04/xmlenc</a>#sha256"</em>
+<a name="533" href="#533">533</a> <em class="jxr_javadoccomment"> * );</em>
+<a name="534" href="#534">534</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="535" href="#535">535</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="536" href="#536">536</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="537" href="#537">537</a> <em class="jxr_javadoccomment"> */</em>
+<a name="538" href="#538">538</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_DIGEST_ALGO = <span class="jxr_string">"signatureDigestAlgorithm"</span>;
+<a name="539" href="#539">539</a>
+<a name="540" href="#540">540</a> <em class="jxr_javadoccomment">/**</em>
+<a name="541" href="#541">541</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be signed.</em>
+<a name="542" href="#542">542</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="543" href="#543">543</a> <em class="jxr_javadoccomment"> * Refer to {@link #ENCRYPTION_PARTS} for a detailed description of</em>
+<a name="544" href="#544">544</a> <em class="jxr_javadoccomment"> * the format of the value string.</em>
+<a name="545" href="#545">545</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="546" href="#546">546</a> <em class="jxr_javadoccomment"> * If this parameter is not specified the handler signs the SOAP Body</em>
+<a name="547" href="#547">547</a> <em class="jxr_javadoccomment"> * by default.</em>
<a name="548" href="#548">548</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="549" href="#549">549</a> <em class="jxr_javadoccomment"> * If there is no other element in the request with a local name of</em>
-<a name="550" href="#550">550</a> <em class="jxr_javadoccomment"> * <code>Body</code> then the SOAP namespace identifier can be empty</em>
-<a name="551" href="#551">551</a> <em class="jxr_javadoccomment"> * (<code>{}</code>).</em>
-<a name="552" href="#552">552</a> <em class="jxr_javadoccomment"> */</em>
-<a name="553" href="#553">553</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIGNATURE_PARTS = <span class="jxr_string">"signatureParts"</span>;
-<a name="554" href="#554">554</a>
-<a name="555" href="#555">555</a> <em class="jxr_javadoccomment">/**</em>
-<a name="556" href="#556">556</a> <em class="jxr_javadoccomment"> * The name of the crypto propterty file to use for SOAP Encryption.</em>
-<a name="557" href="#557">557</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="558" href="#558">558</a> <em class="jxr_javadoccomment"> * Refer to documentation of {@link #SIG_PROP_FILE}.</em>
-<a name="559" href="#559">559</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="560" href="#560">560</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
-<a name="561" href="#561">561</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="562" href="#562">562</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_PROP_FILE, "myCrypto.properties");</em>
-<a name="563" href="#563">563</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="564" href="#564">564</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
-<a name="565" href="#565">565</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
-<a name="566" href="#566">566</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="567" href="#567">567</a> <em class="jxr_javadoccomment"> * If this parameter is not used, but the signature crypto property</em>
-<a name="568" href="#568">568</a> <em class="jxr_javadoccomment"> * file is defined (combined Encryption/Signature action), then the</em>
-<a name="569" href="#569">569</a> <em class="jxr_javadoccomment"> * encryption function uses signature property file. Otherwise the</em>
-<a name="570" href="#570">570</a> <em class="jxr_javadoccomment"> * handler throws an <code>AxisFault</code>.</em>
-<a name="571" href="#571">571</a> <em class="jxr_javadoccomment"> */</em>
-<a name="572" href="#572">572</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_PROP_FILE = <span class="jxr_string">"encryptionPropFile"</span>;
-<a name="573" href="#573">573</a>
-<a name="574" href="#574">574</a> <em class="jxr_javadoccomment">/**</em>
-<a name="575" href="#575">575</a> <em class="jxr_javadoccomment"> * The key that hold the refernce of the </em>
-<a name="576" href="#576">576</a> <em class="jxr_javadoccomment"> * <code>java.util.Properties</code> object holding complete info about </em>
-<a name="577" href="#577">577</a> <em class="jxr_javadoccomment"> * encryption Crypto implementation. This should contain all information </em>
-<a name="578" href="#578">578</a> <em class="jxr_javadoccomment"> * that would contain in an equivalent .properties file which includes the </em>
-<a name="579" href="#579">579</a> <em class="jxr_javadoccomment"> * Crypto implementation class name.</em>
-<a name="580" href="#580">580</a> <em class="jxr_javadoccomment"> * </em>
-<a name="581" href="#581">581</a> <em class="jxr_javadoccomment"> * Refer to documentation of {@link #DEC_PROP_FILE}.</em>
-<a name="582" href="#582">582</a> <em class="jxr_javadoccomment"> */</em>
-<a name="583" href="#583">583</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">static</strong> String ENC_PROP_REF_ID = <span class="jxr_string">"encryptionPropRefId"</span>;
-<a name="584" href="#584">584</a>
-<a name="585" href="#585">585</a>
-<a name="586" href="#586">586</a> <em class="jxr_javadoccomment">/**</em>
-<a name="587" href="#587">587</a> <em class="jxr_javadoccomment"> * Defines which key identifier type to use. The WS-Security specifications</em>
-<a name="588" href="#588">588</a> <em class="jxr_javadoccomment"> * recommends to use the identifier type <code>IssuerSerial</code>. For</em>
-<a name="589" href="#589">589</a> <em class="jxr_javadoccomment"> * possible encryption key identifier types refer to</em>
-<a name="590" href="#590">590</a> <em class="jxr_javadoccomment"> * {@link #keyIdentifier}. For encryption <code>IssuerSerial</code>,</em>
-<a name="591" href="#591">591</a> <em class="jxr_javadoccomment"> * <code>X509KeyIdentifier</code>, <code>DirectReference</code>, </em>
-<a name="592" href="#592">592</a> <em class="jxr_javadoccomment"> * <code>Thumbprint</code>, <code>SKIKeyIdentifier</code>, and</em>
-<a name="593" href="#593">593</a> <em class="jxr_javadoccomment"> * <code>EmbeddedKeyName</code> are valid only.</em>
-<a name="594" href="#594">594</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="595" href="#595">595</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
-<a name="596" href="#596">596</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="597" href="#597">597</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_KEY_ID, "X509KeyIdentifier");</em>
-<a name="598" href="#598">598</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="599" href="#599">599</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
-<a name="600" href="#600">600</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
-<a name="601" href="#601">601</a> <em class="jxr_javadoccomment"> */</em>
-<a name="602" href="#602">602</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_ID = <span class="jxr_string">"encryptionKeyIdentifier"</span>;
-<a name="603" href="#603">603</a>
-<a name="604" href="#604">604</a> <em class="jxr_javadoccomment">/**</em>
-<a name="605" href="#605">605</a> <em class="jxr_javadoccomment"> * Defines which symmetric encryption algorithm to use. WSS4J supports the</em>
-<a name="606" href="#606">606</a> <em class="jxr_javadoccomment"> * following alorithms: {@link WSConstants#TRIPLE_DES},</em>
-<a name="607" href="#607">607</a> <em class="jxr_javadoccomment"> * {@link WSConstants#AES_128}, {@link WSConstants#AES_256},</em>
-<a name="608" href="#608">608</a> <em class="jxr_javadoccomment"> * and {@link WSConstants#AES_192}. Except for AES 192 all of these</em>
-<a name="609" href="#609">609</a> <em class="jxr_javadoccomment"> * algorithms are required by the XML Encryption specification.</em>
-<a name="610" href="#610">610</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="611" href="#611">611</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
-<a name="612" href="#612">612</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="613" href="#613">613</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_SYM_ALGO, WSConstants.AES_256);</em>
-<a name="614" href="#614">614</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="615" href="#615">615</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
-<a name="616" href="#616">616</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
-<a name="617" href="#617">617</a> <em class="jxr_javadoccomment"> */</em>
-<a name="618" href="#618">618</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_SYM_ALGO = <span class="jxr_string">"encryptionSymAlgorithm"</span>;
-<a name="619" href="#619">619</a>
-<a name="620" href="#620">620</a> <em class="jxr_javadoccomment">/**</em>
-<a name="621" href="#621">621</a> <em class="jxr_javadoccomment"> * Defines which algorithm to use to encrypt the generated symmetric key.</em>
-<a name="622" href="#622">622</a> <em class="jxr_javadoccomment"> * Currently WSS4J supports {@link WSConstants#KEYTRANSPORT_RSA15} only.</em>
-<a name="623" href="#623">623</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="624" href="#624">624</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
-<a name="625" href="#625">625</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="626" href="#626">626</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_KEY_TRANSPORT, "RSA15");</em>
-<a name="627" href="#627">627</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="628" href="#628">628</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
-<a name="629" href="#629">629</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
-<a name="630" href="#630">630</a> <em class="jxr_javadoccomment"> */</em>
-<a name="631" href="#631">631</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_TRANSPORT =
-<a name="632" href="#632">632</a> <span class="jxr_string">"encryptionKeyTransportAlgorithm"</span>;
-<a name="633" href="#633">633</a>
-<a name="634" href="#634">634</a> <em class="jxr_javadoccomment">/**</em>
-<a name="635" href="#635">635</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted.</em>
-<a name="636" href="#636">636</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="637" href="#637">637</a> <em class="jxr_javadoccomment"> * The value of this parameter is a list of semi-colon separated</em>
-<a name="638" href="#638">638</a> <em class="jxr_javadoccomment"> * element names that identify the elements to encrypt. An encryption mode</em>
-<a name="639" href="#639">639</a> <em class="jxr_javadoccomment"> * specifier and a namespace identification, each inside a pair of curly</em>
-<a name="640" href="#640">640</a> <em class="jxr_javadoccomment"> * brackets, may preceed each element name.</em>
-<a name="641" href="#641">641</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="642" href="#642">642</a> <em class="jxr_javadoccomment"> * The encryption mode specifier is either <code>{Content}</code> or</em>
-<a name="643" href="#643">643</a> <em class="jxr_javadoccomment"> * <code>{Element}</code>. Please refer to the W3C XML Encryption</em>
-<a name="644" href="#644">644</a> <em class="jxr_javadoccomment"> * specification about the differences between Element and Content</em>
-<a name="645" href="#645">645</a> <em class="jxr_javadoccomment"> * encryption. The encryption mode defaults to <code>Content</code></em>
-<a name="646" href="#646">646</a> <em class="jxr_javadoccomment"> * if it is omitted. Example of a list:</em>
-<a name="647" href="#647">647</a> <em class="jxr_javadoccomment"> * <pre></em>
-<a name="648" href="#648">648</a> <em class="jxr_javadoccomment"> * &lt;parameter name="encryptionParts"</em>
-<a name="649" href="#649">649</a> <em class="jxr_javadoccomment"> * value="{Content}{<a href="http://example.org/paymentv2" target="alexandria_uri">http://example.org/paymentv2</a>}CreditCard;</em>
-<a name="650" href="#650">650</a> <em class="jxr_javadoccomment"> * {Element}{}UserName" /></em>
-<a name="651" href="#651">651</a> <em class="jxr_javadoccomment"> * </pre></em>
-<a name="652" href="#652">652</a> <em class="jxr_javadoccomment"> * The the first entry of the list identifies the element</em>
-<a name="653" href="#653">653</a> <em class="jxr_javadoccomment"> * <code>CreditCard</code> in the namespace</em>
-<a name="654" href="#654">654</a> <em class="jxr_javadoccomment"> * <code><a href="http://example.org/paymentv2</code>," target="alexandria_uri">http://example.org/paymentv2</code>,</a> and will encrypt its content.</em>
-<a name="655" href="#655">655</a> <em class="jxr_javadoccomment"> * Be aware that the element name, the namespace identifier, and the</em>
-<a name="656" href="#656">656</a> <em class="jxr_javadoccomment"> * encryption modifier are case sensitive.</em>
-<a name="657" href="#657">657</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="658" href="#658">658</a> <em class="jxr_javadoccomment"> * The encryption modifier and the namespace identifier can be ommited.</em>
-<a name="659" href="#659">659</a> <em class="jxr_javadoccomment"> * In this case the encryption mode defaults to <code>Content</code> and</em>
-<a name="660" href="#660">660</a> <em class="jxr_javadoccomment"> * the namespace is set to the SOAP namespace.</em>
-<a name="661" href="#661">661</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="662" href="#662">662</a> <em class="jxr_javadoccomment"> * An empty encryption mode defaults to <code>Content</code>, an empty</em>
-<a name="663" href="#663">663</a> <em class="jxr_javadoccomment"> * namespace identifier defaults to the SOAP namespace.</em>
-<a name="664" href="#664">664</a> <em class="jxr_javadoccomment"> * The second line of the example defines <code>Element</code> as</em>
-<a name="665" href="#665">665</a> <em class="jxr_javadoccomment"> * encryption mode for an <code>UserName</code> element in the SOAP</em>
-<a name="666" href="#666">666</a> <em class="jxr_javadoccomment"> * namespace.</em>
-<a name="667" href="#667">667</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="668" href="#668">668</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em>
-<a name="669" href="#669">669</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em>
-<a name="670" href="#670">670</a> <em class="jxr_javadoccomment"> * string)</em>
-<a name="671" href="#671">671</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="672" href="#672">672</a> <em class="jxr_javadoccomment"> * If no list is specified, the handler encrypts the SOAP Body in</em>
-<a name="673" href="#673">673</a> <em class="jxr_javadoccomment"> * <code>Content</code> mode by default.</em>
-<a name="674" href="#674">674</a> <em class="jxr_javadoccomment"> */</em>
-<a name="675" href="#675">675</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENCRYPTION_PARTS = <span class="jxr_string">"encryptionParts"</span>;
-<a name="676" href="#676">676</a>
-<a name="677" href="#677">677</a> <em class="jxr_javadoccomment">/**</em>
-<a name="678" href="#678">678</a> <em class="jxr_javadoccomment"> * The name of the SAML Issuer factory property file.</em>
-<a name="679" href="#679">679</a> <em class="jxr_javadoccomment"> * The classloader loads this file. Therefore it must be accessible</em>
-<a name="680" href="#680">680</a> <em class="jxr_javadoccomment"> * via the classpath.</em>
-<a name="681" href="#681">681</a> <em class="jxr_javadoccomment"> */</em>
-<a name="682" href="#682">682</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SAML_PROP_FILE = <span class="jxr_string">"samlPropFile"</span>;
-<a name="683" href="#683">683</a>
-<a name="684" href="#684">684</a> <em class="jxr_javadoccomment">/**</em>
-<a name="685" href="#685">685</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em>
-<a name="686" href="#686">686</a> <em class="jxr_javadoccomment"> * the WSS Timestamp.</em>
-<a name="687" href="#687">687</a> <em class="jxr_javadoccomment"> * The time-to-live in seconds. After this time the SOAP request is</em>
-<a name="688" href="#688">688</a> <em class="jxr_javadoccomment"> * invalid (at least the security data shall be treated this way).</em>
-<a name="689" href="#689">689</a> <em class="jxr_javadoccomment"> * <p/></em>
-<a name="690" href="#690">690</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em>
-<a name="691" href="#691">691</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em>
-<a name="692" href="#692">692</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em>
-<a name="693" href="#693">693</a> <em class="jxr_javadoccomment"> */</em>
-<a name="694" href="#694">694</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_TIMESTAMP = <span class="jxr_string">"timeToLive"</span>;
-<a name="695" href="#695">695</a>
-<a name="696" href="#696">696</a> <em class="jxr_javadoccomment">/**</em>
-<a name="697" href="#697">697</a> <em class="jxr_javadoccomment"> * Whether to enable signatureConfirmation or not</em>
-<a name="698" href="#698">698</a> <em class="jxr_javadoccomment"> * By default signatureConfirmation is enabled</em>
-<a name="699" href="#699">699</a> <em class="jxr_javadoccomment"> */</em>
-<a name="700" href="#700">700</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENABLE_SIGNATURE_CONFIRMATION = <span class="jxr_string">"enableSignatureConfirmation"</span>;
-<a name="701" href="#701">701</a>
-<a name="702" href="#702">702</a> <em class="jxr_javadoccomment">/**</em>
-<a name="703" href="#703">703</a> <em class="jxr_javadoccomment"> * Should timestamps have precision in milliseconds</em>
-<a name="704" href="#704">704</a> <em class="jxr_javadoccomment"> */</em>
-<a name="705" href="#705">705</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_PRECISION = <span class="jxr_string">"precisionInMilliseconds"</span>;
-<a name="706" href="#706">706</a>
-<a name="707" href="#707">707</a> <em class="jxr_javadoccomment">/**</em>
-<a name="708" href="#708">708</a> <em class="jxr_javadoccomment"> * Set the value of this parameter to true to enable strict timestamp</em>
-<a name="709" href="#709">709</a> <em class="jxr_javadoccomment"> * handling.</em>
-<a name="710" href="#710">710</a> <em class="jxr_javadoccomment"> * </em>
-<a name="711" href="#711">711</a> <em class="jxr_javadoccomment"> * Strict Timestamp handling: throw an exception if a Timestamp contains</em>
-<a name="712" href="#712">712</a> <em class="jxr_javadoccomment"> * an <code>Expires</code> element and the semantics of the request are</em>
-<a name="713" href="#713">713</a> <em class="jxr_javadoccomment"> * expired, i.e. the current time at the receiver is past the expires time. </em>
+<a name="549" href="#549">549</a> <em class="jxr_javadoccomment"> * The WS Security specifications define several formats to transfer the</em>
+<a name="550" href="#550">550</a> <em class="jxr_javadoccomment"> * signature tokens (certificates) or references to these tokens.</em>
+<a name="551" href="#551">551</a> <em class="jxr_javadoccomment"> * Thus, the plain element name <code>Token</code></em>
+<a name="552" href="#552">552</a> <em class="jxr_javadoccomment"> * signs the token and takes care of the different format.</em>
+<a name="553" href="#553">553</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="554" href="#554">554</a> <em class="jxr_javadoccomment"> * To sign the SOAP body <b>and</b> the signature token the value of this</em>
+<a name="555" href="#555">555</a> <em class="jxr_javadoccomment"> * parameter must contain:</em>
+<a name="556" href="#556">556</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="557" href="#557">557</a> <em class="jxr_javadoccomment"> * &lt;parameter name="signatureParts"</em>
+<a name="558" href="#558">558</a> <em class="jxr_javadoccomment"> * value="{}{<a href="http://schemas.xmlsoap.org/soap/envelope/" target="alexandria_uri">http://schemas.xmlsoap.org/soap/envelope/</a>}Body; Token" /></em>
+<a name="559" href="#559">559</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="560" href="#560">560</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em>
+<a name="561" href="#561">561</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em>
+<a name="562" href="#562">562</a> <em class="jxr_javadoccomment"> * string)</em>
+<a name="563" href="#563">563</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="564" href="#564">564</a> <em class="jxr_javadoccomment"> * If there is no other element in the request with a local name of</em>
+<a name="565" href="#565">565</a> <em class="jxr_javadoccomment"> * <code>Body</code> then the SOAP namespace identifier can be empty</em>
+<a name="566" href="#566">566</a> <em class="jxr_javadoccomment"> * (<code>{}</code>).</em>
+<a name="567" href="#567">567</a> <em class="jxr_javadoccomment"> */</em>
+<a name="568" href="#568">568</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIGNATURE_PARTS = <span class="jxr_string">"signatureParts"</span>;
+<a name="569" href="#569">569</a>
+<a name="570" href="#570">570</a> <em class="jxr_javadoccomment">/**</em>
+<a name="571" href="#571">571</a> <em class="jxr_javadoccomment"> * The name of the crypto propterty file to use for SOAP Encryption.</em>
+<a name="572" href="#572">572</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="573" href="#573">573</a> <em class="jxr_javadoccomment"> * Refer to documentation of {@link #SIG_PROP_FILE}.</em>
+<a name="574" href="#574">574</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="575" href="#575">575</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="576" href="#576">576</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="577" href="#577">577</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_PROP_FILE, "myCrypto.properties");</em>
+<a name="578" href="#578">578</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="579" href="#579">579</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="580" href="#580">580</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="581" href="#581">581</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="582" href="#582">582</a> <em class="jxr_javadoccomment"> * If this parameter is not used, but the signature crypto property</em>
+<a name="583" href="#583">583</a> <em class="jxr_javadoccomment"> * file is defined (combined Encryption/Signature action), then the</em>
+<a name="584" href="#584">584</a> <em class="jxr_javadoccomment"> * encryption function uses signature property file. Otherwise the</em>
+<a name="585" href="#585">585</a> <em class="jxr_javadoccomment"> * handler throws an <code>AxisFault</code>.</em>
+<a name="586" href="#586">586</a> <em class="jxr_javadoccomment"> */</em>
+<a name="587" href="#587">587</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_PROP_FILE = <span class="jxr_string">"encryptionPropFile"</span>;
+<a name="588" href="#588">588</a>
+<a name="589" href="#589">589</a> <em class="jxr_javadoccomment">/**</em>
+<a name="590" href="#590">590</a> <em class="jxr_javadoccomment"> * The key that hold the refernce of the </em>
+<a name="591" href="#591">591</a> <em class="jxr_javadoccomment"> * <code>java.util.Properties</code> object holding complete info about </em>
+<a name="592" href="#592">592</a> <em class="jxr_javadoccomment"> * encryption Crypto implementation. This should contain all information </em>
+<a name="593" href="#593">593</a> <em class="jxr_javadoccomment"> * that would contain in an equivalent .properties file which includes the </em>
+<a name="594" href="#594">594</a> <em class="jxr_javadoccomment"> * Crypto implementation class name.</em>
+<a name="595" href="#595">595</a> <em class="jxr_javadoccomment"> * </em>
+<a name="596" href="#596">596</a> <em class="jxr_javadoccomment"> * Refer to documentation of {@link #DEC_PROP_FILE}.</em>
+<a name="597" href="#597">597</a> <em class="jxr_javadoccomment"> */</em>
+<a name="598" href="#598">598</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">static</strong> String ENC_PROP_REF_ID = <span class="jxr_string">"encryptionPropRefId"</span>;
+<a name="599" href="#599">599</a>
+<a name="600" href="#600">600</a>
+<a name="601" href="#601">601</a> <em class="jxr_javadoccomment">/**</em>
+<a name="602" href="#602">602</a> <em class="jxr_javadoccomment"> * Defines which key identifier type to use. The WS-Security specifications</em>
+<a name="603" href="#603">603</a> <em class="jxr_javadoccomment"> * recommends to use the identifier type <code>IssuerSerial</code>. For</em>
+<a name="604" href="#604">604</a> <em class="jxr_javadoccomment"> * possible encryption key identifier types refer to</em>
+<a name="605" href="#605">605</a> <em class="jxr_javadoccomment"> * {@link #keyIdentifier}. For encryption <code>IssuerSerial</code>,</em>
+<a name="606" href="#606">606</a> <em class="jxr_javadoccomment"> * <code>X509KeyIdentifier</code>, <code>DirectReference</code>, </em>
+<a name="607" href="#607">607</a> <em class="jxr_javadoccomment"> * <code>Thumbprint</code>, <code>SKIKeyIdentifier</code>, and</em>
+<a name="608" href="#608">608</a> <em class="jxr_javadoccomment"> * <code>EmbeddedKeyName</code> are valid only.</em>
+<a name="609" href="#609">609</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="610" href="#610">610</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="611" href="#611">611</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="612" href="#612">612</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_KEY_ID, "X509KeyIdentifier");</em>
+<a name="613" href="#613">613</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="614" href="#614">614</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="615" href="#615">615</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="616" href="#616">616</a> <em class="jxr_javadoccomment"> */</em>
+<a name="617" href="#617">617</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_ID = <span class="jxr_string">"encryptionKeyIdentifier"</span>;
+<a name="618" href="#618">618</a>
+<a name="619" href="#619">619</a> <em class="jxr_javadoccomment">/**</em>
+<a name="620" href="#620">620</a> <em class="jxr_javadoccomment"> * Defines which symmetric encryption algorithm to use. WSS4J supports the</em>
+<a name="621" href="#621">621</a> <em class="jxr_javadoccomment"> * following alorithms: {@link WSConstants#TRIPLE_DES},</em>
+<a name="622" href="#622">622</a> <em class="jxr_javadoccomment"> * {@link WSConstants#AES_128}, {@link WSConstants#AES_256},</em>
+<a name="623" href="#623">623</a> <em class="jxr_javadoccomment"> * and {@link WSConstants#AES_192}. Except for AES 192 all of these</em>
+<a name="624" href="#624">624</a> <em class="jxr_javadoccomment"> * algorithms are required by the XML Encryption specification.</em>
+<a name="625" href="#625">625</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="626" href="#626">626</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="627" href="#627">627</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="628" href="#628">628</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_SYM_ALGO, WSConstants.AES_256);</em>
+<a name="629" href="#629">629</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="630" href="#630">630</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="631" href="#631">631</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="632" href="#632">632</a> <em class="jxr_javadoccomment"> */</em>
+<a name="633" href="#633">633</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_SYM_ALGO = <span class="jxr_string">"encryptionSymAlgorithm"</span>;
+<a name="634" href="#634">634</a>
+<a name="635" href="#635">635</a> <em class="jxr_javadoccomment">/**</em>
+<a name="636" href="#636">636</a> <em class="jxr_javadoccomment"> * Defines which algorithm to use to encrypt the generated symmetric key.</em>
+<a name="637" href="#637">637</a> <em class="jxr_javadoccomment"> * Currently WSS4J supports {@link WSConstants#KEYTRANSPORT_RSA15} only.</em>
+<a name="638" href="#638">638</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="639" href="#639">639</a> <em class="jxr_javadoccomment"> * The application may set this parameter using the following method:</em>
+<a name="640" href="#640">640</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="641" href="#641">641</a> <em class="jxr_javadoccomment"> * call.setProperty(WSHandlerConstants.ENC_KEY_TRANSPORT, "RSA15");</em>
+<a name="642" href="#642">642</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="643" href="#643">643</a> <em class="jxr_javadoccomment"> * However, the parameter in the WSDD deployment file overwrites the</em>
+<a name="644" href="#644">644</a> <em class="jxr_javadoccomment"> * property setting (deployment setting overwrites application setting).</em>
+<a name="645" href="#645">645</a> <em class="jxr_javadoccomment"> */</em>
+<a name="646" href="#646">646</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENC_KEY_TRANSPORT =
+<a name="647" href="#647">647</a> <span class="jxr_string">"encryptionKeyTransportAlgorithm"</span>;
+<a name="648" href="#648">648</a>
+<a name="649" href="#649">649</a> <em class="jxr_javadoccomment">/**</em>
+<a name="650" href="#650">650</a> <em class="jxr_javadoccomment"> * Parameter to define which parts of the request shall be encrypted.</em>
+<a name="651" href="#651">651</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="652" href="#652">652</a> <em class="jxr_javadoccomment"> * The value of this parameter is a list of semi-colon separated</em>
+<a name="653" href="#653">653</a> <em class="jxr_javadoccomment"> * element names that identify the elements to encrypt. An encryption mode</em>
+<a name="654" href="#654">654</a> <em class="jxr_javadoccomment"> * specifier and a namespace identification, each inside a pair of curly</em>
+<a name="655" href="#655">655</a> <em class="jxr_javadoccomment"> * brackets, may preceed each element name.</em>
+<a name="656" href="#656">656</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="657" href="#657">657</a> <em class="jxr_javadoccomment"> * The encryption mode specifier is either <code>{Content}</code> or</em>
+<a name="658" href="#658">658</a> <em class="jxr_javadoccomment"> * <code>{Element}</code>. Please refer to the W3C XML Encryption</em>
+<a name="659" href="#659">659</a> <em class="jxr_javadoccomment"> * specification about the differences between Element and Content</em>
+<a name="660" href="#660">660</a> <em class="jxr_javadoccomment"> * encryption. The encryption mode defaults to <code>Content</code></em>
+<a name="661" href="#661">661</a> <em class="jxr_javadoccomment"> * if it is omitted. Example of a list:</em>
+<a name="662" href="#662">662</a> <em class="jxr_javadoccomment"> * <pre></em>
+<a name="663" href="#663">663</a> <em class="jxr_javadoccomment"> * &lt;parameter name="encryptionParts"</em>
+<a name="664" href="#664">664</a> <em class="jxr_javadoccomment"> * value="{Content}{<a href="http://example.org/paymentv2" target="alexandria_uri">http://example.org/paymentv2</a>}CreditCard;</em>
+<a name="665" href="#665">665</a> <em class="jxr_javadoccomment"> * {Element}{}UserName" /></em>
+<a name="666" href="#666">666</a> <em class="jxr_javadoccomment"> * </pre></em>
+<a name="667" href="#667">667</a> <em class="jxr_javadoccomment"> * The the first entry of the list identifies the element</em>
+<a name="668" href="#668">668</a> <em class="jxr_javadoccomment"> * <code>CreditCard</code> in the namespace</em>
+<a name="669" href="#669">669</a> <em class="jxr_javadoccomment"> * <code><a href="http://example.org/paymentv2</code>," target="alexandria_uri">http://example.org/paymentv2</code>,</a> and will encrypt its content.</em>
+<a name="670" href="#670">670</a> <em class="jxr_javadoccomment"> * Be aware that the element name, the namespace identifier, and the</em>
+<a name="671" href="#671">671</a> <em class="jxr_javadoccomment"> * encryption modifier are case sensitive.</em>
+<a name="672" href="#672">672</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="673" href="#673">673</a> <em class="jxr_javadoccomment"> * The encryption modifier and the namespace identifier can be ommited.</em>
+<a name="674" href="#674">674</a> <em class="jxr_javadoccomment"> * In this case the encryption mode defaults to <code>Content</code> and</em>
+<a name="675" href="#675">675</a> <em class="jxr_javadoccomment"> * the namespace is set to the SOAP namespace.</em>
+<a name="676" href="#676">676</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="677" href="#677">677</a> <em class="jxr_javadoccomment"> * An empty encryption mode defaults to <code>Content</code>, an empty</em>
+<a name="678" href="#678">678</a> <em class="jxr_javadoccomment"> * namespace identifier defaults to the SOAP namespace.</em>
+<a name="679" href="#679">679</a> <em class="jxr_javadoccomment"> * The second line of the example defines <code>Element</code> as</em>
+<a name="680" href="#680">680</a> <em class="jxr_javadoccomment"> * encryption mode for an <code>UserName</code> element in the SOAP</em>
+<a name="681" href="#681">681</a> <em class="jxr_javadoccomment"> * namespace.</em>
+<a name="682" href="#682">682</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="683" href="#683">683</a> <em class="jxr_javadoccomment"> * To specify an element without a namespace use the string</em>
+<a name="684" href="#684">684</a> <em class="jxr_javadoccomment"> * <code>Null</code> as the namespace name (this is a case sensitive</em>
+<a name="685" href="#685">685</a> <em class="jxr_javadoccomment"> * string)</em>
+<a name="686" href="#686">686</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="687" href="#687">687</a> <em class="jxr_javadoccomment"> * If no list is specified, the handler encrypts the SOAP Body in</em>
+<a name="688" href="#688">688</a> <em class="jxr_javadoccomment"> * <code>Content</code> mode by default.</em>
+<a name="689" href="#689">689</a> <em class="jxr_javadoccomment"> */</em>
+<a name="690" href="#690">690</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENCRYPTION_PARTS = <span class="jxr_string">"encryptionParts"</span>;
+<a name="691" href="#691">691</a>
+<a name="692" href="#692">692</a> <em class="jxr_javadoccomment">/**</em>
+<a name="693" href="#693">693</a> <em class="jxr_javadoccomment"> * The name of the SAML Issuer factory property file.</em>
+<a name="694" href="#694">694</a> <em class="jxr_javadoccomment"> * The classloader loads this file. Therefore it must be accessible</em>
+<a name="695" href="#695">695</a> <em class="jxr_javadoccomment"> * via the classpath.</em>
+<a name="696" href="#696">696</a> <em class="jxr_javadoccomment"> */</em>
+<a name="697" href="#697">697</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SAML_PROP_FILE = <span class="jxr_string">"samlPropFile"</span>;
+<a name="698" href="#698">698</a>
+<a name="699" href="#699">699</a> <em class="jxr_javadoccomment">/**</em>
+<a name="700" href="#700">700</a> <em class="jxr_javadoccomment"> * Time-To-Live is the time difference between creation and expiry time in</em>
+<a name="701" href="#701">701</a> <em class="jxr_javadoccomment"> * the WSS Timestamp.</em>
+<a name="702" href="#702">702</a> <em class="jxr_javadoccomment"> * The time-to-live in seconds. After this time the SOAP request is</em>
+<a name="703" href="#703">703</a> <em class="jxr_javadoccomment"> * invalid (at least the security data shall be treated this way).</em>
+<a name="704" href="#704">704</a> <em class="jxr_javadoccomment"> * <p/></em>
+<a name="705" href="#705">705</a> <em class="jxr_javadoccomment"> * If this parameter is not defined, contains a value less or equal</em>
+<a name="706" href="#706">706</a> <em class="jxr_javadoccomment"> * zero, or an illegal format the handlers use a default TTL of</em>
+<a name="707" href="#707">707</a> <em class="jxr_javadoccomment"> * 300 seconds (5 minutes).</em>
+<a name="708" href="#708">708</a> <em class="jxr_javadoccomment"> */</em>
+<a name="709" href="#709">709</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TTL_TIMESTAMP = <span class="jxr_string">"timeToLive"</span>;
+<a name="710" href="#710">710</a>
+<a name="711" href="#711">711</a> <em class="jxr_javadoccomment">/**</em>
+<a name="712" href="#712">712</a> <em class="jxr_javadoccomment"> * Whether to enable signatureConfirmation or not</em>
+<a name="713" href="#713">713</a> <em class="jxr_javadoccomment"> * By default signatureConfirmation is enabled</em>
<a name="714" href="#714">714</a> <em class="jxr_javadoccomment"> */</em>
-<a name="715" href="#715">715</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_STRICT = <span class="jxr_string">"timestampStrict"</span>;
+<a name="715" href="#715">715</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String ENABLE_SIGNATURE_CONFIRMATION = <span class="jxr_string">"enableSignatureConfirmation"</span>;
<a name="716" href="#716">716</a>
<a name="717" href="#717">717</a> <em class="jxr_javadoccomment">/**</em>
-<a name="718" href="#718">718</a> <em class="jxr_javadoccomment"> * Define the parameter values to set the key identifier types. These are:</em>
-<a name="719" href="#719">719</a> <em class="jxr_javadoccomment"> * <ul></em>
-<a name="720" href="#720">720</a> <em class="jxr_javadoccomment"> * <li><code>DirectReference</code> for {@link WSConstants#BST_DIRECT_REFERENCE}</em>
-<a name="721" href="#721">721</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="722" href="#722">722</a> <em class="jxr_javadoccomment"> * <li><code>IssuerSerial</code> for {@link WSConstants#ISSUER_SERIAL}</em>
-<a name="723" href="#723">723</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="724" href="#724">724</a> <em class="jxr_javadoccomment"> * <li><code>X509KeyIdentifier</code> for {@link WSConstants#X509_KEY_IDENTIFIER}</em>
-<a name="725" href="#725">725</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="726" href="#726">726</a> <em class="jxr_javadoccomment"> * <li><code>SKIKeyIdentifier</code> for {@link WSConstants#SKI_KEY_IDENTIFIER}</em>
-<a name="727" href="#727">727</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="728" href="#728">728</a> <em class="jxr_javadoccomment"> * <li><code>EmbeddedKeyName</code> for {@link WSConstants#EMBEDDED_KEYNAME}</em>
-<a name="729" href="#729">729</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="730" href="#730">730</a> <em class="jxr_javadoccomment"> * <li><code>Thumbprint</code> for {@link WSConstants#THUMBPRINT}</em>
-<a name="731" href="#731">731</a> <em class="jxr_javadoccomment"> * </li></em>
-<a name="732" href="#732">732</a> <em class="jxr_javadoccomment"> * </ul</em>
-<a name="733" href="#733">733</a> <em class="jxr_javadoccomment"> * See {@link #SIG_KEY_ID} {@link #ENC_KEY_ID}.</em>
-<a name="734" href="#734">734</a> <em class="jxr_javadoccomment"> */</em>
-<a name="735" href="#735">735</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> Map keyIdentifier = <strong class="jxr_keyword">new</strong> Hashtable();
-<a name="736" href="#736">736</a>
-<a name="737" href="#737">737</a> <strong class="jxr_keyword">static</strong> {
-<a name="738" href="#738">738</a> keyIdentifier.put(<span class="jxr_string">"DirectReference"</span>,
-<a name="739" href="#739">739</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.BST_DIRECT_REFERENCE));
-<a name="740" href="#740">740</a> keyIdentifier.put(<span class="jxr_string">"IssuerSerial"</span>,
-<a name="741" href="#741">741</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.ISSUER_SERIAL));
-<a name="742" href="#742">742</a> keyIdentifier.put(<span class="jxr_string">"X509KeyIdentifier"</span>,
-<a name="743" href="#743">743</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.X509_KEY_IDENTIFIER));
-<a name="744" href="#744">744</a> keyIdentifier.put(<span class="jxr_string">"SKIKeyIdentifier"</span>,
-<a name="745" href="#745">745</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.SKI_KEY_IDENTIFIER));
-<a name="746" href="#746">746</a> keyIdentifier.put(<span class="jxr_string">"EmbeddedKeyName"</span>,
-<a name="747" href="#747">747</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.EMBEDDED_KEYNAME));
-<a name="748" href="#748">748</a> keyIdentifier.put(<span class="jxr_string">"Thumbprint"</span>,
-<a name="749" href="#749">749</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.THUMBPRINT_IDENTIFIER));
-<a name="750" href="#750">750</a> }
-<a name="751" href="#751">751</a> <em class="jxr_comment">/*</em>
-<a name="752" href="#752">752</a> <em class="jxr_comment"> * internally used property names to store values inside the message context</em>
-<a name="753" href="#753">753</a> <em class="jxr_comment"> * that must have the same livetime as a message (request/response model).</em>
-<a name="754" href="#754">754</a> <em class="jxr_comment"> */</em>
-<a name="755" href="#755">755</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SEND_SIGV = <span class="jxr_string">"_sendSignatureValues_"</span>;
-<a name="756" href="#756">756</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_CONF_DONE = <span class="jxr_string">"_sigConfDone_"</span>;
-<a name="757" href="#757">757</a> }
-<a name="758" href="#758">758</a>
+<a name="718" href="#718">718</a> <em class="jxr_javadoccomment"> * Should timestamps have precision in milliseconds</em>
+<a name="719" href="#719">719</a> <em class="jxr_javadoccomment"> */</em>
+<a name="720" href="#720">720</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_PRECISION = <span class="jxr_string">"precisionInMilliseconds"</span>;
+<a name="721" href="#721">721</a>
+<a name="722" href="#722">722</a> <em class="jxr_javadoccomment">/**</em>
+<a name="723" href="#723">723</a> <em class="jxr_javadoccomment"> * Set the value of this parameter to true to enable strict timestamp</em>
+<a name="724" href="#724">724</a> <em class="jxr_javadoccomment"> * handling.</em>
+<a name="725" href="#725">725</a> <em class="jxr_javadoccomment"> * </em>
+<a name="726" href="#726">726</a> <em class="jxr_javadoccomment"> * Strict Timestamp handling: throw an exception if a Timestamp contains</em>
+<a name="727" href="#727">727</a> <em class="jxr_javadoccomment"> * an <code>Expires</code> element and the semantics of the request are</em>
+<a name="728" href="#728">728</a> <em class="jxr_javadoccomment"> * expired, i.e. the current time at the receiver is past the expires time. </em>
+<a name="729" href="#729">729</a> <em class="jxr_javadoccomment"> */</em>
+<a name="730" href="#730">730</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String TIMESTAMP_STRICT = <span class="jxr_string">"timestampStrict"</span>;
+<a name="731" href="#731">731</a>
+<a name="732" href="#732">732</a> <em class="jxr_javadoccomment">/**</em>
+<a name="733" href="#733">733</a> <em class="jxr_javadoccomment"> * Define the parameter values to set the key identifier types. These are:</em>
+<a name="734" href="#734">734</a> <em class="jxr_javadoccomment"> * <ul></em>
+<a name="735" href="#735">735</a> <em class="jxr_javadoccomment"> * <li><code>DirectReference</code> for {@link WSConstants#BST_DIRECT_REFERENCE}</em>
+<a name="736" href="#736">736</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="737" href="#737">737</a> <em class="jxr_javadoccomment"> * <li><code>IssuerSerial</code> for {@link WSConstants#ISSUER_SERIAL}</em>
+<a name="738" href="#738">738</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="739" href="#739">739</a> <em class="jxr_javadoccomment"> * <li><code>X509KeyIdentifier</code> for {@link WSConstants#X509_KEY_IDENTIFIER}</em>
+<a name="740" href="#740">740</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="741" href="#741">741</a> <em class="jxr_javadoccomment"> * <li><code>SKIKeyIdentifier</code> for {@link WSConstants#SKI_KEY_IDENTIFIER}</em>
+<a name="742" href="#742">742</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="743" href="#743">743</a> <em class="jxr_javadoccomment"> * <li><code>EmbeddedKeyName</code> for {@link WSConstants#EMBEDDED_KEYNAME}</em>
+<a name="744" href="#744">744</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="745" href="#745">745</a> <em class="jxr_javadoccomment"> * <li><code>Thumbprint</code> for {@link WSConstants#THUMBPRINT}</em>
+<a name="746" href="#746">746</a> <em class="jxr_javadoccomment"> * </li></em>
+<a name="747" href="#747">747</a> <em class="jxr_javadoccomment"> * </ul</em>
+<a name="748" href="#748">748</a> <em class="jxr_javadoccomment"> * See {@link #SIG_KEY_ID} {@link #ENC_KEY_ID}.</em>
+<a name="749" href="#749">749</a> <em class="jxr_javadoccomment"> */</em>
+<a name="750" href="#750">750</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> Map keyIdentifier = <strong class="jxr_keyword">new</strong> Hashtable();
+<a name="751" href="#751">751</a>
+<a name="752" href="#752">752</a> <strong class="jxr_keyword">static</strong> {
+<a name="753" href="#753">753</a> keyIdentifier.put(<span class="jxr_string">"DirectReference"</span>,
+<a name="754" href="#754">754</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.BST_DIRECT_REFERENCE));
+<a name="755" href="#755">755</a> keyIdentifier.put(<span class="jxr_string">"IssuerSerial"</span>,
+<a name="756" href="#756">756</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.ISSUER_SERIAL));
+<a name="757" href="#757">757</a> keyIdentifier.put(<span class="jxr_string">"X509KeyIdentifier"</span>,
+<a name="758" href="#758">758</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.X509_KEY_IDENTIFIER));
+<a name="759" href="#759">759</a> keyIdentifier.put(<span class="jxr_string">"SKIKeyIdentifier"</span>,
+<a name="760" href="#760">760</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.SKI_KEY_IDENTIFIER));
+<a name="761" href="#761">761</a> keyIdentifier.put(<span class="jxr_string">"EmbeddedKeyName"</span>,
+<a name="762" href="#762">762</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.EMBEDDED_KEYNAME));
+<a name="763" href="#763">763</a> keyIdentifier.put(<span class="jxr_string">"Thumbprint"</span>,
+<a name="764" href="#764">764</a> <strong class="jxr_keyword">new</strong> Integer(WSConstants.THUMBPRINT_IDENTIFIER));
+<a name="765" href="#765">765</a> }
+<a name="766" href="#766">766</a> <em class="jxr_comment">/*</em>
+<a name="767" href="#767">767</a> <em class="jxr_comment"> * internally used property names to store values inside the message context</em>
+<a name="768" href="#768">768</a> <em class="jxr_comment"> * that must have the same livetime as a message (request/response model).</em>
+<a name="769" href="#769">769</a> <em class="jxr_comment"> */</em>
+<a name="770" href="#770">770</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SEND_SIGV = <span class="jxr_string">"_sendSignatureValues_"</span>;
+<a name="771" href="#771">771</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String SIG_CONF_DONE = <span class="jxr_string">"_sigConfDone_"</span>;
+<a name="772" href="#772">772</a> }
+<a name="773" href="#773">773</a>
</pre>
<hr/><div id="footer">This page was automatically generated by <a href="http://maven.apache.org/">Maven</a></div></body>
</html>
Modified: webservices/wss4j/site/xref/org/apache/ws/security/handler/package-frame.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/handler/package-frame.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/handler/package-frame.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/handler/package-frame.html Mon Apr 20 13:56:25 2009
@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
- <title>WSS4J 1.5.6 Reference Package org.apache.ws.security.handler</title>
+ <title>WSS4J 1.5.7 Reference Package org.apache.ws.security.handler</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
</head>
<body>
Modified: webservices/wss4j/site/xref/org/apache/ws/security/handler/package-summary.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/handler/package-summary.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/handler/package-summary.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/handler/package-summary.html Mon Apr 20 13:56:25 2009
@@ -3,7 +3,7 @@
<html xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
- <title>WSS4J 1.5.6 Reference Package org.apache.ws.security.handler</title>
+ <title>WSS4J 1.5.7 Reference Package org.apache.ws.security.handler</title>
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="style" />
</head>
<body>
Modified: webservices/wss4j/site/xref/org/apache/ws/security/message/WSBaseMessage.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/message/WSBaseMessage.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/message/WSBaseMessage.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/message/WSBaseMessage.html Mon Apr 20 13:56:25 2009
@@ -215,7 +215,7 @@
<a name="205" href="#205">205</a> id = bodyElement.getAttributeNS(WSConstants.WSU_NS, <span class="jxr_string">"Id"</span>);
<a name="206" href="#206">206</a>
<a name="207" href="#207">207</a> <strong class="jxr_keyword">if</strong> ((id == <strong class="jxr_keyword">null</strong>) || (id.length() == 0)) {
-<a name="208" href="#208">208</a> id = <span class="jxr_string">"id-"</span> + Integer.toString(bodyElement.hashCode());
+<a name="208" href="#208">208</a> id = wssConfig.getIdAllocator().createId(<span class="jxr_string">"id-"</span>, bodyElement);
<a name="209" href="#209">209</a> String prefix = WSSecurityUtil.setNamespace(bodyElement,
<a name="210" href="#210">210</a> WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
<a name="211" href="#211">211</a> bodyElement.setAttributeNS(WSConstants.WSU_NS, prefix + <span class="jxr_string">":Id"</span>, id);
Modified: webservices/wss4j/site/xref/org/apache/ws/security/message/WSEncryptBody.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/message/WSEncryptBody.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/message/WSEncryptBody.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/message/WSEncryptBody.html Mon Apr 20 13:56:25 2009
@@ -356,89 +356,89 @@
<a name="346" href="#346">346</a> }
<a name="347" href="#347">347</a> remoteCert = certs[0];
<a name="348" href="#348">348</a> }
-<a name="349" href="#349">349</a> String certUri = <span class="jxr_string">"EncCertId-"</span> + remoteCert.hashCode();
-<a name="350" href="#350">350</a> <strong class="jxr_keyword">if</strong> (tlog.isDebugEnabled()) {
-<a name="351" href="#351">351</a> t2 = System.currentTimeMillis();
-<a name="352" href="#352">352</a> }
-<a name="353" href="#353">353</a> Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
-<a name="354" href="#354">354</a> <strong class="jxr_keyword">try</strong> {
-<a name="355" href="#355">355</a> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
-<a name="356" href="#356">356</a> } <strong class="jxr_keyword">catch</strong> (InvalidKeyException e) {
-<a name="357" href="#357">357</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e);
-<a name="358" href="#358">358</a> }
-<a name="359" href="#359">359</a> byte[] encKey = <strong class="jxr_keyword">this</strong>.encryptionKey.getEncoded();
-<a name="360" href="#360">360</a> <strong class="jxr_keyword">if</strong> (doDebug) {
-<a name="361" href="#361">361</a> log.debug(<span class="jxr_string">"cipher blksize: "</span>
-<a name="362" href="#362">362</a> + cipher.getBlockSize()
-<a name="363" href="#363">363</a> + <span class="jxr_string">", symm key length: "</span>
-<a name="364" href="#364">364</a> + encKey.length);
-<a name="365" href="#365">365</a> }
-<a name="366" href="#366">366</a> <strong class="jxr_keyword">if</strong> (cipher.getBlockSize() < encKey.length) {
-<a name="367" href="#367">367</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILURE,
-<a name="368" href="#368">368</a> <span class="jxr_string">"unsupportedKeyTransp"</span>,
-<a name="369" href="#369">369</a> <strong class="jxr_keyword">new</strong> Object[]{<span class="jxr_string">"public key algorithm too weak to encrypt symmetric key"</span>});
-<a name="370" href="#370">370</a> }
-<a name="371" href="#371">371</a> byte[] encryptedKey = <strong class="jxr_keyword">null</strong>;
-<a name="372" href="#372">372</a> <strong class="jxr_keyword">try</strong> {
-<a name="373" href="#373">373</a> encryptedKey = cipher.doFinal(encKey);
-<a name="374" href="#374">374</a> } <strong class="jxr_keyword">catch</strong> (IllegalStateException e1) {
-<a name="375" href="#375">375</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
-<a name="376" href="#376">376</a> } <strong class="jxr_keyword">catch</strong> (IllegalBlockSizeException e1) {
-<a name="377" href="#377">377</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
-<a name="378" href="#378">378</a> } <strong class="jxr_keyword">catch</strong> (BadPaddingException e1) {
-<a name="379" href="#379">379</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
-<a name="380" href="#380">380</a> }
-<a name="381" href="#381">381</a> Text keyText =
-<a name="382" href="#382">382</a> WSSecurityUtil.createBase64EncodedTextNode(doc, encryptedKey);
-<a name="383" href="#383">383</a>
-<a name="384" href="#384">384</a> <em class="jxr_comment">/*</em>
-<a name="385" href="#385">385</a> <em class="jxr_comment"> * Now we need to setup the wsse:Security header block</em>
-<a name="386" href="#386">386</a> <em class="jxr_comment"> * 1) get (or create) the wsse:Security header block</em>
-<a name="387" href="#387">387</a> <em class="jxr_comment"> * 2) create the xenc:EncryptedKey element. This already includes</em>
-<a name="388" href="#388">388</a> <em class="jxr_comment"> * the ExcrpytionMethod element with attributes that define</em>
-<a name="389" href="#389">389</a> <em class="jxr_comment"> * the key transport encryption algorithm</em>
-<a name="390" href="#390">390</a> <em class="jxr_comment"> * 3) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference</em>
-<a name="391" href="#391">391</a> <em class="jxr_comment"> * 4) set up the SecurityTokenReference, either with KeyIdentifier or</em>
-<a name="392" href="#392">392</a> <em class="jxr_comment"> * X509IssuerSerial. The SecTokenRef defines how to get to security</em>
-<a name="393" href="#393">393</a> <em class="jxr_comment"> * token used to encrypt the session key (this security token usually</em>
-<a name="394" href="#394">394</a> <em class="jxr_comment"> * contains a public key)</em>
-<a name="395" href="#395">395</a> <em class="jxr_comment"> * 5) Create the CipherValue element structure and insert the encrypted</em>
-<a name="396" href="#396">396</a> <em class="jxr_comment"> * session key</em>
-<a name="397" href="#397">397</a> <em class="jxr_comment"> * 6) The last step sets up the reference list that pints to the encrypted</em>
-<a name="398" href="#398">398</a> <em class="jxr_comment"> * data that was encrypted with this encrypted session key :-)</em>
-<a name="399" href="#399">399</a> <em class="jxr_comment"> */</em>
-<a name="400" href="#400">400</a> Element wsseSecurity = insertSecurityHeader(doc);
-<a name="401" href="#401">401</a> Element xencEncryptedKey = createEncryptedKey(doc, keyEncAlgo);
-<a name="402" href="#402">402</a> <strong class="jxr_keyword">if</strong> (parentNode == <strong class="jxr_keyword">null</strong>) {
-<a name="403" href="#403">403</a> WSSecurityUtil.prependChildElement(wsseSecurity, xencEncryptedKey);
-<a name="404" href="#404">404</a> } <strong class="jxr_keyword">else</strong> {
-<a name="405" href="#405">405</a> WSSecurityUtil.prependChildElement(parentNode, xencEncryptedKey);
-<a name="406" href="#406">406</a> }
-<a name="407" href="#407">407</a> <a href="../../../../../org/apache/ws/security/message/token/SecurityTokenReference.html">SecurityTokenReference</a> secToken = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/message/token/SecurityTokenReference.html">SecurityTokenReference</a>(doc);
-<a name="408" href="#408">408</a>
-<a name="409" href="#409">409</a> <strong class="jxr_keyword">switch</strong> (keyIdentifierType) {
-<a name="410" href="#410">410</a> <strong class="jxr_keyword">case</strong> WSConstants.X509_KEY_IDENTIFIER:
-<a name="411" href="#411">411</a> secToken.setKeyIdentifier(remoteCert);
-<a name="412" href="#412">412</a> <em class="jxr_comment">// build a key id class??</em>
-<a name="413" href="#413">413</a> <strong class="jxr_keyword">break</strong>;
-<a name="414" href="#414">414</a>
-<a name="415" href="#415">415</a> <strong class="jxr_keyword">case</strong> WSConstants.SKI_KEY_IDENTIFIER:
-<a name="416" href="#416">416</a> secToken.setKeyIdentifierSKI(remoteCert, crypto);
-<a name="417" href="#417">417</a> <strong class="jxr_keyword">break</strong>;
-<a name="418" href="#418">418</a>
-<a name="419" href="#419">419</a> <strong class="jxr_keyword">case</strong> WSConstants.THUMBPRINT_IDENTIFIER:
-<a name="420" href="#420">420</a> secToken.setKeyIdentifierThumb(remoteCert);
-<a name="421" href="#421">421</a> <strong class="jxr_keyword">break</strong>;
-<a name="422" href="#422">422</a>
-<a name="423" href="#423">423</a> <strong class="jxr_keyword">case</strong> WSConstants.ISSUER_SERIAL:
-<a name="424" href="#424">424</a> XMLX509IssuerSerial data = <strong class="jxr_keyword">new</strong> XMLX509IssuerSerial(doc, remoteCert);
-<a name="425" href="#425">425</a> X509Data x509Data = <strong class="jxr_keyword">new</strong> X509Data(doc);
-<a name="426" href="#426">426</a> x509Data.add(data);
-<a name="427" href="#427">427</a> secToken.setX509IssuerSerial(x509Data);
-<a name="428" href="#428">428</a> <strong class="jxr_keyword">break</strong>;
-<a name="429" href="#429">429</a>
-<a name="430" href="#430">430</a> <strong class="jxr_keyword">case</strong> WSConstants.BST_DIRECT_REFERENCE:
-<a name="431" href="#431">431</a> <a href="../../../../../org/apache/ws/security/message/token/Reference.html">Reference</a> ref = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/message/token/Reference.html">Reference</a>(doc);
+<a name="349" href="#349">349</a> <strong class="jxr_keyword">if</strong> (tlog.isDebugEnabled()) {
+<a name="350" href="#350">350</a> t2 = System.currentTimeMillis();
+<a name="351" href="#351">351</a> }
+<a name="352" href="#352">352</a> Cipher cipher = WSSecurityUtil.getCipherInstance(keyEncAlgo);
+<a name="353" href="#353">353</a> <strong class="jxr_keyword">try</strong> {
+<a name="354" href="#354">354</a> cipher.init(Cipher.ENCRYPT_MODE, remoteCert);
+<a name="355" href="#355">355</a> } <strong class="jxr_keyword">catch</strong> (InvalidKeyException e) {
+<a name="356" href="#356">356</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e);
+<a name="357" href="#357">357</a> }
+<a name="358" href="#358">358</a> byte[] encKey = <strong class="jxr_keyword">this</strong>.encryptionKey.getEncoded();
+<a name="359" href="#359">359</a> <strong class="jxr_keyword">if</strong> (doDebug) {
+<a name="360" href="#360">360</a> log.debug(<span class="jxr_string">"cipher blksize: "</span>
+<a name="361" href="#361">361</a> + cipher.getBlockSize()
+<a name="362" href="#362">362</a> + <span class="jxr_string">", symm key length: "</span>
+<a name="363" href="#363">363</a> + encKey.length);
+<a name="364" href="#364">364</a> }
+<a name="365" href="#365">365</a> <strong class="jxr_keyword">if</strong> (cipher.getBlockSize() < encKey.length) {
+<a name="366" href="#366">366</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILURE,
+<a name="367" href="#367">367</a> <span class="jxr_string">"unsupportedKeyTransp"</span>,
+<a name="368" href="#368">368</a> <strong class="jxr_keyword">new</strong> Object[]{<span class="jxr_string">"public key algorithm too weak to encrypt symmetric key"</span>});
+<a name="369" href="#369">369</a> }
+<a name="370" href="#370">370</a> byte[] encryptedKey = <strong class="jxr_keyword">null</strong>;
+<a name="371" href="#371">371</a> <strong class="jxr_keyword">try</strong> {
+<a name="372" href="#372">372</a> encryptedKey = cipher.doFinal(encKey);
+<a name="373" href="#373">373</a> } <strong class="jxr_keyword">catch</strong> (IllegalStateException e1) {
+<a name="374" href="#374">374</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
+<a name="375" href="#375">375</a> } <strong class="jxr_keyword">catch</strong> (IllegalBlockSizeException e1) {
+<a name="376" href="#376">376</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
+<a name="377" href="#377">377</a> } <strong class="jxr_keyword">catch</strong> (BadPaddingException e1) {
+<a name="378" href="#378">378</a> <strong class="jxr_keyword">throw</strong> <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/WSSecurityException.html">WSSecurityException</a>(WSSecurityException.FAILED_ENCRYPTION, <strong class="jxr_keyword">null</strong>, <strong class="jxr_keyword">null</strong>, e1);
+<a name="379" href="#379">379</a> }
+<a name="380" href="#380">380</a> Text keyText =
+<a name="381" href="#381">381</a> WSSecurityUtil.createBase64EncodedTextNode(doc, encryptedKey);
+<a name="382" href="#382">382</a>
+<a name="383" href="#383">383</a> <em class="jxr_comment">/*</em>
+<a name="384" href="#384">384</a> <em class="jxr_comment"> * Now we need to setup the wsse:Security header block</em>
+<a name="385" href="#385">385</a> <em class="jxr_comment"> * 1) get (or create) the wsse:Security header block</em>
+<a name="386" href="#386">386</a> <em class="jxr_comment"> * 2) create the xenc:EncryptedKey element. This already includes</em>
+<a name="387" href="#387">387</a> <em class="jxr_comment"> * the ExcrpytionMethod element with attributes that define</em>
+<a name="388" href="#388">388</a> <em class="jxr_comment"> * the key transport encryption algorithm</em>
+<a name="389" href="#389">389</a> <em class="jxr_comment"> * 3) Generate ds:KeyInfo element, this wraps the wsse:SecurityTokenReference</em>
+<a name="390" href="#390">390</a> <em class="jxr_comment"> * 4) set up the SecurityTokenReference, either with KeyIdentifier or</em>
+<a name="391" href="#391">391</a> <em class="jxr_comment"> * X509IssuerSerial. The SecTokenRef defines how to get to security</em>
+<a name="392" href="#392">392</a> <em class="jxr_comment"> * token used to encrypt the session key (this security token usually</em>
+<a name="393" href="#393">393</a> <em class="jxr_comment"> * contains a public key)</em>
+<a name="394" href="#394">394</a> <em class="jxr_comment"> * 5) Create the CipherValue element structure and insert the encrypted</em>
+<a name="395" href="#395">395</a> <em class="jxr_comment"> * session key</em>
+<a name="396" href="#396">396</a> <em class="jxr_comment"> * 6) The last step sets up the reference list that pints to the encrypted</em>
+<a name="397" href="#397">397</a> <em class="jxr_comment"> * data that was encrypted with this encrypted session key :-)</em>
+<a name="398" href="#398">398</a> <em class="jxr_comment"> */</em>
+<a name="399" href="#399">399</a> Element wsseSecurity = insertSecurityHeader(doc);
+<a name="400" href="#400">400</a> Element xencEncryptedKey = createEncryptedKey(doc, keyEncAlgo);
+<a name="401" href="#401">401</a> <strong class="jxr_keyword">if</strong> (parentNode == <strong class="jxr_keyword">null</strong>) {
+<a name="402" href="#402">402</a> WSSecurityUtil.prependChildElement(wsseSecurity, xencEncryptedKey);
+<a name="403" href="#403">403</a> } <strong class="jxr_keyword">else</strong> {
+<a name="404" href="#404">404</a> WSSecurityUtil.prependChildElement(parentNode, xencEncryptedKey);
+<a name="405" href="#405">405</a> }
+<a name="406" href="#406">406</a> <a href="../../../../../org/apache/ws/security/message/token/SecurityTokenReference.html">SecurityTokenReference</a> secToken = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/message/token/SecurityTokenReference.html">SecurityTokenReference</a>(doc);
+<a name="407" href="#407">407</a>
+<a name="408" href="#408">408</a> <strong class="jxr_keyword">switch</strong> (keyIdentifierType) {
+<a name="409" href="#409">409</a> <strong class="jxr_keyword">case</strong> WSConstants.X509_KEY_IDENTIFIER:
+<a name="410" href="#410">410</a> secToken.setKeyIdentifier(remoteCert);
+<a name="411" href="#411">411</a> <em class="jxr_comment">// build a key id class??</em>
+<a name="412" href="#412">412</a> <strong class="jxr_keyword">break</strong>;
+<a name="413" href="#413">413</a>
+<a name="414" href="#414">414</a> <strong class="jxr_keyword">case</strong> WSConstants.SKI_KEY_IDENTIFIER:
+<a name="415" href="#415">415</a> secToken.setKeyIdentifierSKI(remoteCert, crypto);
+<a name="416" href="#416">416</a> <strong class="jxr_keyword">break</strong>;
+<a name="417" href="#417">417</a>
+<a name="418" href="#418">418</a> <strong class="jxr_keyword">case</strong> WSConstants.THUMBPRINT_IDENTIFIER:
+<a name="419" href="#419">419</a> secToken.setKeyIdentifierThumb(remoteCert);
+<a name="420" href="#420">420</a> <strong class="jxr_keyword">break</strong>;
+<a name="421" href="#421">421</a>
+<a name="422" href="#422">422</a> <strong class="jxr_keyword">case</strong> WSConstants.ISSUER_SERIAL:
+<a name="423" href="#423">423</a> XMLX509IssuerSerial data = <strong class="jxr_keyword">new</strong> XMLX509IssuerSerial(doc, remoteCert);
+<a name="424" href="#424">424</a> X509Data x509Data = <strong class="jxr_keyword">new</strong> X509Data(doc);
+<a name="425" href="#425">425</a> x509Data.add(data);
+<a name="426" href="#426">426</a> secToken.setX509IssuerSerial(x509Data);
+<a name="427" href="#427">427</a> <strong class="jxr_keyword">break</strong>;
+<a name="428" href="#428">428</a>
+<a name="429" href="#429">429</a> <strong class="jxr_keyword">case</strong> WSConstants.BST_DIRECT_REFERENCE:
+<a name="430" href="#430">430</a> <a href="../../../../../org/apache/ws/security/message/token/Reference.html">Reference</a> ref = <strong class="jxr_keyword">new</strong> <a href="../../../../../org/apache/ws/security/message/token/Reference.html">Reference</a>(doc);
+<a name="431" href="#431">431</a> String certUri = wssConfig.getIdAllocator().createId(<span class="jxr_string">"EncCertId-"</span>, remoteCert);
<a name="432" href="#432">432</a> ref.setURI(<span class="jxr_string">"#"</span> + certUri);
<a name="433" href="#433">433</a> <a href="../../../../../org/apache/ws/security/message/token/BinarySecurity.html">BinarySecurity</a> bstToken = <strong class="jxr_keyword">null</strong>;
<a name="434" href="#434">434</a> bstToken = <strong class="jxr_keyword">new</strong> X509Security(doc);
@@ -530,7 +530,7 @@
<a name="520" href="#520">520</a> }
<a name="521" href="#521">521</a>
<a name="522" href="#522">522</a> <strong class="jxr_keyword">boolean</strong> content = modifier.equals(<span class="jxr_string">"Content"</span>) ? <strong class="jxr_keyword">true</strong> : false;
-<a name="523" href="#523">523</a> String xencEncryptedDataId = <span class="jxr_string">"EncDataId-"</span> + body.hashCode();
+<a name="523" href="#523">523</a> String xencEncryptedDataId = wssConfig.getIdAllocator().createId(<span class="jxr_string">"EncDataId-"</span>, body);
<a name="524" href="#524">524</a>
<a name="525" href="#525">525</a> <em class="jxr_comment">/*</em>
<a name="526" href="#526">526</a> <em class="jxr_comment"> * Forth step: encrypt data, and set neccessary attributes in</em>
Modified: webservices/wss4j/site/xref/org/apache/ws/security/message/WSSecBase.html
URL: http://svn.apache.org/viewvc/webservices/wss4j/site/xref/org/apache/ws/security/message/WSSecBase.html?rev=766696&r1=766695&r2=766696&view=diff
==============================================================================
--- webservices/wss4j/site/xref/org/apache/ws/security/message/WSSecBase.html (original)
+++ webservices/wss4j/site/xref/org/apache/ws/security/message/WSSecBase.html Mon Apr 20 13:56:25 2009
@@ -141,7 +141,7 @@
<a name="131" href="#131">131</a> String id = bodyElement.getAttributeNS(WSConstants.WSU_NS, <span class="jxr_string">"Id"</span>);
<a name="132" href="#132">132</a>
<a name="133" href="#133">133</a> <strong class="jxr_keyword">if</strong> ((id == <strong class="jxr_keyword">null</strong>) || (id.length() == 0)) {
-<a name="134" href="#134">134</a> id = <span class="jxr_string">"id-"</span> + Integer.toString(bodyElement.hashCode());
+<a name="134" href="#134">134</a> id = wssConfig.getIdAllocator().createId(<span class="jxr_string">"id-"</span>, bodyElement);
<a name="135" href="#135">135</a> String prefix =
<a name="136" href="#136">136</a> WSSecurityUtil.setNamespace(bodyElement, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
<a name="137" href="#137">137</a> bodyElement.setAttributeNS(WSConstants.WSU_NS, prefix + <span class="jxr_string">":Id"</span>, id);
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org